Vardhaan | 20.07.2012 14:56 | Okay, sorry about the rush; I was on vacation for 3 weeks and actually wanted to get the problem fixed before then, but okay.
OTL Log: Code:
OTL logfile created on: 25.06.2012 13:08:02 - Run 1
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\MG\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,30 Gb Available Physical Memory | 76,84% Memory free
6,21 Gb Paging File | 5,69 Gb Available in Paging File | 91,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 150,36 Gb Total Space | 131,49 Gb Free Space | 87,45% Space Free | Partition Type: NTFS
Drive D: | 45,69 Gb Total Space | 35,26 Gb Free Space | 77,17% Space Free | Partition Type: FAT32
Drive F: | 102,02 Gb Total Space | 28,51 Gb Free Space | 27,95% Space Free | Partition Type: NTFS
Computer Name: MG-PC | User Name: MG | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\MG\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Programme\Softex\OmniPass\userdata.dll ()
MOD - C:\Programme\Softex\OmniPass\autheng.dll ()
MOD - C:\Programme\Softex\OmniPass\storeng.dll ()
MOD - C:\Programme\Softex\OmniPass\opfsdll.dll ()
MOD - C:\Programme\Softex\OmniPass\cryptodll.dll ()
MOD - C:\Programme\Softex\OmniPass\SSPLogon.dll ()
========== Win32 Services (SafeList) ==========
SRV - (ST2012_Svc) -- C:\Programme\Spyware Terminator\st_rsser.exe (Crawler.com)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Programme\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (GoogleDesktopManager) -- C:\Programme\Google\Google Desktop Search\GoogleDesktopManager.exe (Google)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (omniserv) -- C:\Programme\Softex\OmniPass\OmniServ.exe (Softex Inc.)
SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (WisLMSvc) -- C:\Programme\Launch Manager\WisLMSvc.exe (Wistron Corp.)
SRV - (BGLiveSvc) -- C:\Programme\BullGuard Software\BullGuard\BullGuardUpdate.exe (BullGuard Software)
SRV - (BgMainSvc) -- C:\Programme\BullGuard Software\BullGuard\BsMain.dll (BullGuard, Ltd.)
SRV - (BsMailProxy) -- C:\Programme\BullGuard Software\BullGuard\BsMailProxy.dll (BullGuard Ltd.)
SRV - (BsFileScan) -- C:\Programme\BullGuard Software\BullGuard\BsFileScan.dll (BullGuard Ltd.)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (srvcPVR) -- C:\Programme\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe (Buhl Data Service GmbH)
SRV - (GnabService) -- c:\Programme\Common Files\Gnab\Service\ServiceController.exe (Empolis GmbH)
SRV - (usnjsvc) -- C:\Programme\MSN Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\ALDI Foto Service Nord\Common\Database\bin\fbserver.exe (MAGIX®)
SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10)
========== Driver Services (SafeList) ==========
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (sp_rsdrv2) -- C:\Windows\System32\drivers\sp_rsdrv2.sys ()
DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor) -- C:\Windows\System32\drivers\atswpdrv.sys (AuthenTec, Inc.)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (PhilCap) -- C:\Windows\System32\drivers\PhilCap.sys (NXP Semiconductors Germany GmbH)
DRV - (BdFileSpy) -- C:\Windows\System32\drivers\BdFileSpy.sys (BullGuard Ltd.)
DRV - (Reconn) -- C:\Programme\BullGuard Software\BullGuard\Reconn.sys (BullGuard Ltd.)
DRV - (Si3531) -- C:\Windows\System32\drivers\Si3531.sys (Silicon Image, Inc)
DRV - (SiFilter) -- C:\Windows\System32\drivers\SiWinAcc.sys (Silicon Image, Inc.)
DRV - (SiRemFil) -- C:\Windows\System32\drivers\SiRemFil.sys (Silicon Image, Inc.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (XUIF) -- C:\Windows\System32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (X10Hid) -- C:\Windows\System32\drivers\x10hid.sys (X10 Wireless Technology, Inc.)
DRV - (Hotkey) -- C:\Windows\System32\drivers\HOTKEY.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.24 21:40:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2012.06.24 21:41:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MG\AppData\Roaming\mozilla\Extensions
[2012.06.24 22:34:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MG\AppData\Roaming\mozilla\Firefox\Profiles\x8tbr7q9.default\extensions
[2012.06.24 22:22:08 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\MG\AppData\Roaming\mozilla\Firefox\Profiles\x8tbr7q9.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.06.24 21:49:56 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\MG\AppData\Roaming\mozilla\Firefox\Profiles\x8tbr7q9.default\extensions\ich@maltegoetz.de
[2012.06.24 21:40:50 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.06.24 22:22:08 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\MG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X8TBR7Q9.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012.06.24 22:22:08 | 000,697,058 | ---- | M] () (No name found) -- C:\USERS\MG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X8TBR7Q9.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI
[2012.06.24 22:22:07 | 000,014,476 | ---- | M] () (No name found) -- C:\USERS\MG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X8TBR7Q9.DEFAULT\EXTENSIONS\CUSTOMIZENEWTAB@ALEJANDROBRIZUELA.COM.AR.XPI
[2012.06.15 00:19:07 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.06.15 00:46:57 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.15 00:46:56 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.15 00:46:57 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.15 00:46:57 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.15 00:46:57 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.15 00:46:56 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_04\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH)
O4 - HKLM..\Run: [BullGuard] C:\Program Files\BullGuard Software\BullGuard\bullguard.exe (BullGuard Software)
O4 - HKLM..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe" File not found
O4 - HKLM..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\HomeCinema\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe ()
O4 - HKLM..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSD.exe (Wistron Corp.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OmniPass] C:\Programme\Softex\OmniPass\scureapp.exe ()
O4 - HKLM..\Run: [PLFSetL] C:\Windows\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe File not found
O4 - HKLM..\Run: [SpywareTerminatorShield] C:\Programme\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4 - HKLM..\Run: [SpywareTerminatorUpdater] C:\Programme\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKLM..\Run: [SynTPStart] C:\Programme\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Programme\GoogleEULA\EULALauncher.exe ( )
O4 - HKLM..\Run: [TVBroadcast] C:\Programme\Sceneo\AbsolutTV\Services\ODSBC\ODSBCApp.exe (ODSoft multimedia)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe (Wistron)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BullGuard] C:\Program Files\BullGuard Software\BullGuard\BullGuard.exe (BullGuard Software)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_04\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3E26C523-76DB-460F-BC8B-080A024841E5}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.09.25 15:13:14 | 000,000,032 | ---- | M] () - D:\AUTORUN.INF -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012.06.25 13:08:56 | 000,000,000 | ---D | C] -- C:\Users\MG\AppData\Roaming\WinRAR
[2012.06.25 13:08:56 | 000,000,000 | ---D | C] -- C:\Users\MG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.06.25 13:08:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.06.25 13:08:55 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012.06.25 12:57:20 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\MG\Desktop\OTL.exe
[2012.06.25 12:56:50 | 000,000,000 | ---D | C] -- C:\Users\MG\AppData\Roaming\Malwarebytes
[2012.06.25 12:56:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.06.25 12:56:39 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.06.25 12:56:39 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.06.25 12:56:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.06.25 12:53:22 | 000,000,000 | ---D | C] -- C:\1259ced3ee3f430b3a63dc
[2012.06.25 12:52:00 | 000,000,000 | ---D | C] -- C:\17132156dcd9a0ae796c692585875430
[2012.06.25 12:17:41 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.06.24 23:15:49 | 000,000,000 | ---D | C] -- C:\Users\MG\AppData\Roaming\Wireshark
[2012.06.24 22:55:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2012.06.24 22:55:46 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2012.06.24 22:53:26 | 000,000,000 | ---D | C] -- C:\Users\MG\AppData\Roaming\Spyware Terminator
[2012.06.24 22:53:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2012.06.24 22:53:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
[2012.06.24 22:53:04 | 000,000,000 | ---D | C] -- C:\Program Files\Wireshark
[2012.06.24 22:52:45 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator
[2012.06.24 22:36:30 | 000,000,000 | ---D | C] -- C:\Users\MG\AppData\Roaming\Adobe
[2012.06.24 22:36:30 | 000,000,000 | ---D | C] -- C:\Users\MG\AppData\Local\Adobe
[2012.06.24 22:36:04 | 000,000,000 | ---D | C] -- C:\Users\MG\AppData\Roaming\Google
[2012.06.24 21:43:44 | 000,000,000 | ---D | C] -- C:\Users\MG\AppData\Roaming\Macromedia
[2012.06.24 21:41:47 | 000,000,000 | ---D | C] -- C:\Users\MG\Documents\Eigene Google Gadgets
[2012.06.24 21:41:25 | 000,000,000 | ---D | C] -- C:\Users\MG\AppData\Local\Google
[2012.06.24 21:41:25 | 000,000,000 | ---D | C] -- C:\Users\MG\AppData\Local\ApplicationHistory
[2012.06.24 21:41:24 | 000,000,000 | ---D | C] -- C:\Users\MG\AppData\Roaming\BullGuard
[2012.06.24 21:41:04 | 000,000,000 | R--D | C] -- C:\Users\MG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.06.24 21:41:04 | 000,000,000 | R--D | C] -- C:\Users\MG\Searches
[2012.06.24 21:41:04 | 000,000,000 | R--D | C] -- C:\Users\MG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.06.24 21:41:01 | 000,000,000 | ---D | C] -- C:\Users\MG\AppData\Roaming\Mozilla
[2012.06.24 21:41:01 | 000,000,000 | ---D | C] -- C:\Users\MG\AppData\Local\Mozilla
[2012.06.24 21:40:53 | 000,000,000 | ---D | C] -- C:\Users\MG\AppData\Roaming\Identities
[2012.06.24 21:40:52 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.06.24 21:40:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.06.24 21:40:49 | 000,000,000 | R--D | C] -- C:\Users\MG\Contacts
[2012.06.24 21:40:49 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.06.24 21:40:45 | 000,000,000 | ---D | C] -- C:\Users\MG\AppData\Local\VirtualStore
[2012.06.24 21:40:36 | 000,000,000 | -HSD | C] -- C:\Users\MG\Vorlagen
[2012.06.24 21:40:36 | 000,000,000 | -HSD | C] -- C:\Users\MG\AppData\Local\Verlauf
[2012.06.24 21:40:36 | 000,000,000 | -HSD | C] -- C:\Users\MG\AppData\Local\Temporary Internet Files
[2012.06.24 21:40:36 | 000,000,000 | -HSD | C] -- C:\Users\MG\Startmenü
[2012.06.24 21:40:36 | 000,000,000 | -HSD | C] -- C:\Users\MG\SendTo
[2012.06.24 21:40:36 | 000,000,000 | -HSD | C] -- C:\Users\MG\Recent
[2012.06.24 21:40:36 | 000,000,000 | -HSD | C] -- C:\Users\MG\Netzwerkumgebung
[2012.06.24 21:40:36 | 000,000,000 | -HSD | C] -- C:\Users\MG\Lokale Einstellungen
[2012.06.24 21:40:36 | 000,000,000 | -HSD | C] -- C:\Users\MG\Documents\Eigene Videos
[2012.06.24 21:40:36 | 000,000,000 | -HSD | C] -- C:\Users\MG\Documents\Eigene Musik
[2012.06.24 21:40:36 | 000,000,000 | -HSD | C] -- C:\Users\MG\Eigene Dateien
[2012.06.24 21:40:36 | 000,000,000 | -HSD | C] -- C:\Users\MG\Documents\Eigene Bilder
[2012.06.24 21:40:36 | 000,000,000 | -HSD | C] -- C:\Users\MG\Druckumgebung
[2012.06.24 21:40:36 | 000,000,000 | -HSD | C] -- C:\Users\MG\Cookies
[2012.06.24 21:40:36 | 000,000,000 | -HSD | C] -- C:\Users\MG\AppData\Local\Anwendungsdaten
[2012.06.24 21:40:36 | 000,000,000 | -HSD | C] -- C:\Users\MG\Anwendungsdaten
[2012.06.24 21:40:32 | 000,000,000 | --SD | C] -- C:\Users\MG\AppData\Roaming\Microsoft
[2012.06.24 21:40:32 | 000,000,000 | R--D | C] -- C:\Users\MG\Videos
[2012.06.24 21:40:32 | 000,000,000 | R--D | C] -- C:\Users\MG\Saved Games
[2012.06.24 21:40:32 | 000,000,000 | R--D | C] -- C:\Users\MG\Pictures
[2012.06.24 21:40:32 | 000,000,000 | R--D | C] -- C:\Users\MG\Music
[2012.06.24 21:40:32 | 000,000,000 | R--D | C] -- C:\Users\MG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.06.24 21:40:32 | 000,000,000 | R--D | C] -- C:\Users\MG\Links
[2012.06.24 21:40:32 | 000,000,000 | R--D | C] -- C:\Users\MG\Favorites
[2012.06.24 21:40:32 | 000,000,000 | R--D | C] -- C:\Users\MG\Downloads
[2012.06.24 21:40:32 | 000,000,000 | R--D | C] -- C:\Users\MG\Documents
[2012.06.24 21:40:32 | 000,000,000 | R--D | C] -- C:\Users\MG\Desktop
[2012.06.24 21:40:32 | 000,000,000 | R--D | C] -- C:\Users\MG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.06.24 21:40:32 | 000,000,000 | -H-D | C] -- C:\Users\MG\AppData
[2012.06.24 21:40:32 | 000,000,000 | ---D | C] -- C:\Users\MG\AppData\Local\Temp
[2012.06.24 21:40:32 | 000,000,000 | ---D | C] -- C:\Users\MG\AppData\Local\Microsoft
[2012.06.24 21:40:32 | 000,000,000 | ---D | C] -- C:\Users\MG\AppData\Roaming\Media Center Programs
[2012.06.24 21:40:32 | 000,000,000 | ---D | C] -- C:\Users\MG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Home Cinema
[2012.06.24 21:37:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.06.24 21:37:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.06.24 21:37:18 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.06.24 21:37:18 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.06.24 21:37:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.06.24 21:37:18 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.06.24 21:37:18 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.06.24 21:37:18 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.06.24 21:37:18 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.06.24 21:37:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.06.24 21:37:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.06.24 21:35:29 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
========== Files - Modified Within 30 Days ==========
[2012.06.25 13:09:33 | 000,000,840 | ---- | M] () -- C:\Users\MG\Desktop\MBAM + OTL Log.zip
[2012.06.25 13:08:50 | 000,000,680 | ---- | M] () -- C:\Users\MG\AppData\Local\d3d9caps.dat
[2012.06.25 12:57:20 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\MG\Desktop\OTL.exe
[2012.06.25 12:56:40 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.25 12:21:53 | 000,627,912 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.06.25 12:21:53 | 000,595,336 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.06.25 12:21:53 | 000,127,022 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.06.25 12:21:53 | 000,104,666 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.06.25 12:17:41 | 194,416,306 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.06.25 12:17:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.25 11:59:23 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.25 11:59:23 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.24 23:33:15 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.06.24 22:53:24 | 000,000,851 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
[2012.06.24 21:41:25 | 000,000,090 | ---- | M] () -- C:\Users\MG\AppData\Local\fusioncache.dat
[2012.06.24 21:40:56 | 000,000,850 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.06.24 21:35:13 | 000,060,826 | ---- | M] () -- C:\Windows\System32\license.rtf
[2012.06.24 21:10:31 | 000,363,320 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
========== Files Created - No Company Name ==========
[2012.06.25 13:09:06 | 000,000,022 | ---- | C] () -- C:\Users\MG\Desktop\WinRAR-ZIP-Archiv (neu).zip
[2012.06.25 12:56:40 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.25 12:34:55 | 000,000,680 | ---- | C] () -- C:\Users\MG\AppData\Local\d3d9caps.dat
[2012.06.25 12:17:27 | 194,416,306 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.06.24 22:53:26 | 000,032,768 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2012.06.24 22:53:24 | 000,000,851 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
[2012.06.24 22:53:12 | 000,001,529 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
[2012.06.24 21:41:25 | 000,000,090 | ---- | C] () -- C:\Users\MG\AppData\Local\fusioncache.dat
[2012.06.24 21:41:08 | 000,000,953 | ---- | C] () -- C:\Users\MG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.06.24 21:41:01 | 000,000,948 | ---- | C] () -- C:\Users\MG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012.06.24 21:40:56 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.06.24 21:40:56 | 000,000,850 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.06.24 21:40:48 | 000,000,919 | ---- | C] () -- C:\Users\MG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
< End of report >
Malware Bytes Log: Code:
Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org
Datenbank Version: v2012.06.25.05
Windows Vista Service Pack 1 x86 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 7.0.6001.18000
MG :: MG-PC [Administrator]
Schutz: Deaktiviert
25.06.2012 12:58:35
mbam-log-2012-06-25 (12-58-35).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 188521
Laufzeit: 2 Minute(n), 4 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
Thank you very much :) |